General
-
Target
d69d096c890e1f854f8aecfe0c65dab47f696784e5aac332a70577f88613b3ed
-
Size
2.3MB
-
Sample
240603-j6jy2agh5s
-
MD5
a0d0acf3de6b795e2a3c1bd5f3538cf2
-
SHA1
d1386c2c4ca0a8454ca2849aa278a3da0cbd1bf5
-
SHA256
d69d096c890e1f854f8aecfe0c65dab47f696784e5aac332a70577f88613b3ed
-
SHA512
97e10f2cd145caeb8930386e28d7c82c98b9ed1d6c8aa8dfc9fdef2be92f56e617e3ee8604fcbe262c78234a252f466be17f90b09d647a18b5a21929ddb2affd
-
SSDEEP
49152:TZFhl5ZJszSO5a78LLkm39VPrQ5pUw/H0DJNaHqVQf123/:T1l5ZJsS98fkmNBPIONEq+Y3/
Static task
static1
Behavioral task
behavioral1
Sample
d69d096c890e1f854f8aecfe0c65dab47f696784e5aac332a70577f88613b3ed.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
risepro
147.45.47.126:58709
Targets
-
-
Target
d69d096c890e1f854f8aecfe0c65dab47f696784e5aac332a70577f88613b3ed
-
Size
2.3MB
-
MD5
a0d0acf3de6b795e2a3c1bd5f3538cf2
-
SHA1
d1386c2c4ca0a8454ca2849aa278a3da0cbd1bf5
-
SHA256
d69d096c890e1f854f8aecfe0c65dab47f696784e5aac332a70577f88613b3ed
-
SHA512
97e10f2cd145caeb8930386e28d7c82c98b9ed1d6c8aa8dfc9fdef2be92f56e617e3ee8604fcbe262c78234a252f466be17f90b09d647a18b5a21929ddb2affd
-
SSDEEP
49152:TZFhl5ZJszSO5a78LLkm39VPrQ5pUw/H0DJNaHqVQf123/:T1l5ZJsS98fkmNBPIONEq+Y3/
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-